-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getting cookies in flashsocket protocol #101
Comments
I have to correct myself, client.request.headers.cookie actually contains socketio=flashsocket but I can't find connect.sid key (that appears using other protocols) |
I believe this is the because flash maintains its own cookie jar i.e. it doesn't use the same set of cookies that the browser already has. |
Thanks for the reply. |
It might be better to do authentication outside of cookies, ie.. have the first message sent via socket.io be an authentication request. http://stackoverflow.com/questions/602665/how-can-i-get-flash-to-share-the-browser-cookies-session |
good, thanks for the tip. I'll see If I can get it to work and close this issue |
afaik, vanilla websocket only deals with "httpOnly" cookies. Flash websocket on the other hand does not (it can only see cookies available to the JavaScript). What I've found is that you can set cookie twice, one with httpOnly flag being set, and another one without. This way flash socket and vanilla socket would pick out appropriate cookie and use it. |
I'm using this trick to get cookies from the client: https://gist.github.com/614068
I've noticed that client.request.headers.cookie is null in case the protocol used is flashsocket, it is working fine at least in websockets and xhr-multipart
I wasn't sure if this should be reported here or in the client side project, feel free to tell me to try reposting this to client side socket.io project
Also I'm not sure that that trick is "correct" and usable...
thanks
The text was updated successfully, but these errors were encountered: